Data security system for a database
0 Assignments
0 Petitions
Accused Products
Abstract
A method and an apparatus for processing data provides protection for the data. The data is stored as encrypted data element values (DV) in records (P) in a first database (O-DB), each data element value being linked to a corresponding data element type (DT). In a second database (IAM-DB), a data element protection catalogue (DC) is stored, which for each individual data element type (DT) contains one or more protection attributes stating processing rules for data element values (DV), which in the first database (O-DB) are linked to the individual data element type (DT). In each user-initiated measure which aims at processing a given data element value (DV) in the first database (O-DB), a calling is initially sent to the data element protection catalogue for collecting the protection attribute/attributes associated with the corresponding data element types. The user'"'"'s processing of the given data element value is controlled in conformity with the collected protection attribute/attributes.
-
Citations
88 Claims
-
1-8. -8. (canceled)
-
9. A data processing method comprising:
-
maintaining a database containing a table of data in row and column format, at least portion of the data being encrypted;
maintaining, separate from the table of data, information for controlling access to a specified proper subset of data in the table; and
controlling access to the specified proper subset of data in the table according to the separately maintained information. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 83)
-
-
32. A method comprising:
-
providing a database containing a table having at least two columns of data;
encrypting data in a first column using first cryptographic information;
encrypting data in a second column using second cryptographic information;
storing first and second cryptographic information outside of the table;
controlling access to data in the first column using the first cryptographic information stored outside of the table; and
controlling access to data in the second column using the second cryptographic information stored outside of the table. - View Dependent Claims (33, 34, 35, 36, 37, 38, 84)
-
-
39. A database management system comprising:
-
a database containing a table having at least two columns of data, at least one column of data being encrypted; and
information stored outside of the table for controlling access to at least one column of data, the information including cryptographic information associated with the encrypted column of data. - View Dependent Claims (40, 41, 42, 43, 44, 45, 87)
-
-
46. A data processing method comprising:
-
maintaining a first set of data as a collection of records having fields, at least a portion of the data being encrypted;
maintaining, separate from the first set of data, information for controlling access to a specified proper subset of the first data; and
controlling access to the specified proper subset of the first set of data according to the separately maintained information. - View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 85)
-
-
69. A method comprising:
-
providing a database containing at least two columns of data;
encrypting data in a first column using first cryptographic information;
encrypting data in a second column using second cryptographic information;
storing the first and second cryptographic information apart from the two columns of data;
controlling access to data in the first column using the first cryptographic information; and
controlling access to data in the second column using the second cryptographic information. - View Dependent Claims (70, 71, 72, 73, 74, 75, 86)
-
-
76. A database management system comprising:
-
a database containing at least two columns of data, a first column of data being encrypted; and
information stored outside of the first column of data for controlling access to the first column of data, the information including cryptographic information associated with the first column of data. - View Dependent Claims (77, 78, 79, 80, 81, 82, 88)
-
Specification